User Guide DDOC0199-000-A9
1-Slot Data Transport System (CSfC) 6 - 1 Encryption
© 2024 Curtiss-Wright Defense Solutions Revision 3.0
Encryption
NOTE
Throughout this section, yellow highlighted text is used to denote user-defined or software-gener-
ated inputs. Green highlighted text is used to show changes in values, settings, or responses due
to implementation of a software command.
6.1 Passwords / Passphrases
6.1.1 Hardware Layer Passwords
The following is required for hardware layer passwords:
• Must be 8-64 characters in length.
• Must contain at least one number.
• Must contain at least one alpha character.
• No special characters allowed.
6.1.2 Software Layer Passwords / Passphrases
The following is required for software layer passwords / passphrases:
• Must be 15-512 characters in length.
• If using password, must pass dictionary test.
• Use numbers, letters, and special characters.
6.1.3 Incorrect Password / Passphrase Entered
Hardware Layer
The hardware layer password can be incorrectly entered two times without issue. On the third try if
an incorrect password is entered, the hardware layer will enter an error state. Once this occurs, the
DTS1+ CSfC will need to be power-cycled.
Software Layer
The software layer password / passphrase can be incorrectly entered four times without issue. On
the fifth try if an incorrect password / passphrase is entered, the software layer will no longer
accept a password / passphrase. Once this occurs, the DTS1+ CSfC will need to be either
rebooted or power-cycled.
6.1.4 Change Password / Passphrase
Hardware Layer
To change the hardware layer password the following must occur:
• The hardware layer must be zeroized. Refer to paragraph 6.5.1 Zeroize HWE Key for
information.
• A new account must be created using the new / changed password. Refer to paragraph 6.3.2
Initialize / Login - Crypto Module and paragraph 6.3.4 Access RMC Module (Plain Text
DEK / Encrypted DEK)for information.
Software Layer
To change the software layer password the following must occur:
• The software layer container(s) must be deleted. Refer to paragraph 6.4.1.5 Delete SWE
Container (Unpartitioned Disk), paragraph 6.4.2.10 Delete SWE Container (Individual
Partitions), and/or paragraph 6.4.2.11 Delete SWE Containers (All Partitions) for
information.
• New software container(s) must be created using the new / changed password. Refer to
paragraph 6.4.1.1 Initialize Container (Unpartitioned Disk), paragraph 6.4.2.1 Initialize
SWE Containers (Partitions - Different Passphrases), and /or paragraph 6.4.2.3 Initialize
SWE Encryption (Partitions - Same Passphrase) for information.
To Next Page
Loading...